SOURCE: LogLogic

January 24, 2007 15:09 ET

LogLogic Announces FISMA Control and Compliance Suite Based on NIST for Government Organizations

SAN JOSE, CA -- (MARKET WIRE) -- January 24, 2007 -- LogLogic, the log management and intelligence leader, today announced the LogLogic Compliance and Control Suite for the Federal Information Security Management Act (FISMA), adding to the industry's deepest log reporting and alerting capabilities. Offering more than 100 alerts and reports out-of-the box, the Suite enables users to move to continuous FISMA compliance through real-time and automated reports, and alerts on 100% of log data. Designed for IT professionals, auditors and end-users alike, the new Suite promises to cut hundreds of hours of time from routine log management tasks such as log collection and storage, report writing and audit sampling.

"Log data provides an immutable fingerprint of user and IT activity," said Dominique Levin, VP of Product Management for LogLogic. "LogLogic not only allows that fingerprint to be captured and securely stored, but also reported and alerted on -- we transform it into intelligence that can be acted on. By automating this process we are easing the burden most Government departments face in complying with multiple external compliance mandates and internal IT controls."

FISMA requires US Government organizations to put in place a mandatory set of processes that protect the organizations' information systems and data. FISMA uses several standards as the basis for these processes -- the Federal Information Processing Standards (FIPS), the National Institute of Standards and Technology (NIST) "Recommended Security Controls for Federal Information Systems" (Special Publication 800-53), and other regulatory guidelines specific to particular agencies.

According to Gartner, Inc., "Government organizations that are required to meet FISMA compliance should use [compliance] as a control framework. Use compliance as an opportunity to improve operational security not only by defining assets and documenting the current state of the organization, but also by implementing control objectives that drive effective risk analysis and management." Additionally, "Organizations should use compliance as an opportunity to implement technologies and processes that improve operational security as well as provide support for FISMA and FIPS 199 compliance."(1)

"US government organizations are currently required to comply with FISMA," continues Levin. "Log management and intelligence is a simple and cost effective way to cut through the complexities of continuously complying with the standards and FISMA regulation, while improving processes, reporting and other efficiencies across the IT infrastructure."

Log Intelligence Delivers FISMA Compliance In Minutes

LogLogic's FISMA Compliance and Control Suite helps government agencies verify that information security policies are being followed, substantially reduce audit time and expense, and achieve FISMA compliance. Out-of-the-box reports and alerts directly map to NIST standards, including NIST 800-53 (security controls) and NIST 800-92 (log management), providing an efficient, easy-to-implement solution. LogLogic's approach is cost-effective, using all available log data to automate the process of auditing and enforcing policies -- and supports 100% of all log-related IT controls as outlined by FISMA. The first FISMA compliance solution based on log management and intelligence, LogLogic's Compliance and Control Suite for FISMA runs on LogLogic's award-winning LogLogic appliances.

Independent analysts report that log data accounts for over 25% of all enterprise data, and provides valuable insight into the operation and compliance of IT systems.

Installed within minutes, LogLogic's award-winning solutions aggregate high volumes of log data and offer fast search and drill-down capabilities essential to maintaining IT health, while automating log data archival and providing more secure log data retention.

Through Agile Reporting™, LogLogic can deliver over 13,000 customizable reports. As a result, IT staff can quickly create customizable templates that align with their IT control matrix and best practice standards and regulations, including Sarbanes-Oxley, HIPAA, ISO, CoBIT, COSO and ITIL.

Additionally, LogLogic's Log Management and Intelligence platform goes beyond the scope of traditional security event monitoring tools to enable collection and processing of log data from virtually any source, enabling user activity to be monitored and reviewed across multiple systems from the network, in email, on servers and across databases. LogLogic Open Log Services provide low-level services to a number of applications including Security Event and Information management solutions, including EMC Smarts, IBM Tivoli and HP OpenView, conforming to Web services and Java standards. Open Log Services are designed so that they can be embedded in other software applications from managed security service providers and other vendors.

Pricing and Availability

For more information about LogLogic Control and Compliance Suites, and the FISMA Compliance Suite visit NIST's Policy Guide for 800-53 is available for download here:

LogLogic sponsored a webcast with Government Computer News on FISMA compliance with Dr. Ron Ross of NIST. A replay of the event, "FISMA: How can you improve your IT security?" is available on Friday, January 26, 2007, 11:00 AM EST / 8:00 AM PST. To attend, please sign up here:

Available in late Q1 2007, the LogLogic Compliance & Control Suite, FISMA edition, is priced from $9995 USD for LogLogic's award-winning family of appliances and through LogLogic Managed Security Services providers.

Note 1 -- Gartner, Inc., "Findings From 'Security and Risk' Meeting: Augment FISMA Reporting with Technical Controls to Improve Operational Security," Amrit T. Williams, John Pescatore, April 4, 2006.

About LogLogic

LogLogic™ provides the world's leading enterprise-class platform for collecting, storing, reporting and alerting on 100 percent of IT log data from virtually any device, operating system or application. LogLogic series 3 LX and ST appliances address the compliance, operations and risk mitigation needs of the most demanding Fortune and Times 1000 companies globally. LogLogic's innovations include creating the world's first search engine for fast moving IT log data and Compliance Suites that automate using that data to enforce critical controls and regulations. LogLogic has won multiple awards including 2006 AlwaysOn Top 100 Private Company, Best of Interop 2005, SC Magazine's "Best Computer Forensics," Info Security's "Hot Company 2006," and the Red Herring 100. For more information, visit and

LogLogic disclaims any proprietary interest in the marks and names of others.

Contact Information